def setUp(self):
with open(os.path.join(os.path.dirname(__file__), "keys", "fake_mauth.priv.key"), "r") as key_file:
self.private_key = key_file.read()
self.signer = Signer(APP_UUID, self.private_key, "v1,v2")
self.signer_v1_only = Signer(APP_UUID, self.private_key, "v1")
self.signer_v2_only = Signer(APP_UUID, self.private_key, "v2")
self.signable = RequestSignable(**REQUEST_ATTRIBUTES)
self.signable_with_binary_body = RequestSignable(**REQUEST_ATTRIBUTES_WITH_BINARY_BODY)
def test_protocol_test_suite(self):
for case_path in TEST_SUITE.cases():
parser = ProtocolTestSuiteParser(case_path)
request_signable = RequestSignable(**parser.request_attributes)
signed_headers_v2 = TEST_SUITE.signer.signed_headers_v2(
request_signable, TEST_SUITE.additional_attributes)
if "authentication-only" not in case_path:
with self.subTest(test="string_to_sign_v2",
case_name=parser.case_name):
string_to_sign = request_signable.string_to_sign_v2(
TEST_SUITE.additional_attributes)
self.assertEqual(string_to_sign.decode("utf-8"),
parser.sts)
with self.subTest(test="signature",
case_name=parser.case_name):
self.assertEqual(
TEST_SUITE.signer.signature_v2(parser.sts), parser.sig)
with self.subTest(test="authentication headers",
case_name=parser.case_name):
self.assertEqual(signed_headers_v2, parser.auth_headers)
with self.subTest(test="authentication",
case_name=parser.case_name):
signed = Signed.from_headers(signed_headers_v2)
authenticator = LocalAuthenticator(request_signable, signed,
self.logger)
self.assertTrue(authenticator._authenticate())
def test_authentication_v1_does_not_authenticate_a_false_message(self):
self.authenticator.signable = RequestSignable(method="GET",
url=URL,
body=BODY)
with self.assertRaises(InauthenticError) as exc:
self.authenticator._authenticate()
self.assertEqual(str(exc.exception),
"Signature verification failed for request.")
def make_headers(self, request):
"""Make headers for the request.
:param requests.models.PreparedRequest request: the Request object
"""
request_signable = RequestSignable(method=request.method,
url=request.url,
body=request.body)
return {**self.signer.signed_headers(request_signable)}
def authenticate(self, signed_request):
"""
Authenticates a request
:param signed_request: Request object
:type request: werkzeug.wrappers.BaseRequest
:return: Is the request authentic, Status Code, Message
:rtype: bool, int, str
"""
signable = RequestSignable(method=signed_request.method, url=signed_request.path, body=signed_request.data)
return self._authenticator(signable, Signed.from_headers(signed_request.headers), logger).is_authentic()
def setUp(self):
self.__get_public_key__ = KeyHolder.get_public_key
KeyHolder.get_public_key = MagicMock(return_value=load_key("rsapub"))
Config.V2_ONLY_AUTHENTICATE = False
self.logger = logging.getLogger()
self.v1_headers = copy.deepcopy(X_MWS_HEADERS)
self.v2_headers = copy.deepcopy(MWSV2_HEADERS)
self.signable = RequestSignable(method="POST", url=URL, body=BODY)
self.authenticator = LocalAuthenticator(
self.signable, Signed.from_headers(self.v1_headers), self.logger)
def setUp(self):
Config.V2_ONLY_AUTHENTICATE = False
RemoteAuthenticator._MAUTH = {
"auth": MagicMock(),
"url": MAUTH_AUTHENTICATION_URL
}
self.logger = logging.getLogger()
self.v1_headers = copy.deepcopy(X_MWS_HEADERS)
self.v2_headers = copy.deepcopy(MWSV2_HEADERS)
self.signable = RequestSignable(method="POST", url=URL, body=BODY)
self.signed = Signed.from_headers(self.v1_headers)
self.authenticator = RemoteAuthenticator(self.signable, self.signed,
self.logger)
def __init__(self, headers, v2_only_authenticate=False, method="POST"):
Config.V2_ONLY_AUTHENTICATE = v2_only_authenticate
signable = RequestSignable(method=method, url=URL, body=BODY)
super().__init__(signable, Signed.from_headers(headers),
logging.getLogger())
def __init__(self, method, url, headers, body):
logger = logging.getLogger()
signable = RequestSignable(method=method, url=url, body=body)
authenticator = LocalAuthenticator if Config.MAUTH_MODE == "local" else RemoteAuthenticator
self._authenticator = authenticator(signable, Signed.from_headers(headers), logger)